<?php
// Admin back-end access control for this page.
// NOTE(review): $db, $uid and $shell are not defined in this file; presumably admin_global.php sets them up — confirm.
include_once('admin_global.php');
// NOTE(review): neither return value is inspected, so these two calls only protect the page if they
// terminate the request themselves on failure — verify in the $db class.
$db->Get_user_shell_check($uid, $shell);   // check that the user is logged in
$db->Get_user_type_check($uid, $shell);    // check the user's permissions
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>编辑管理员</title>
    <link rel="stylesheet" href="css/right.css" type="text/css" />
</head>
<script>
    /**
     * Attach a focus handler to every <input> that is not a button, submit or reset control,
     * so the control switches to `focusClass` when it receives focus.
     *
     * `normalClass` is accepted but unused: the matching onblur reset is disabled in this page.
     */
    function focusInput(focusClass, normalClass) {
        var applyFocusClass = function () { this.className = focusClass; };
        var inputs = document.getElementsByTagName("input");
        var idx = 0;
        while (idx < inputs.length) {
            var kind = inputs[idx].type;
            var isActionControl = (kind == "button" || kind == "submit" || kind == "reset");
            if (!isActionControl) {
                inputs[idx].onfocus = applyFocusClass;
            }
            idx++;
        }
    }
    window.onload = function () {
        focusInput('int_text', 'int_text1');
        var form = document.getElementById("form1");

        // Browser-side checks for the edit form. They run in the browser only and can be bypassed
        // by posting to the page directly, so they are a usability aid, not a security control.
        // Returning false cancels the submit; falling off the end lets it proceed.
        function check_addUser() {
            var currentField = form.userPassword;
            var newField = form.newPassword;
            var repeatField = form.RenewPassword;

            // A new password requires the current password and the repeated new password.
            if (newField.value != "") {
                if (currentField.value == "") {
                    alert("请输入管理员密码");
                    currentField.focus();
                    return false;
                }
                if (repeatField.value == "") {
                    alert("请重复新密码");
                    repeatField.focus();
                    return false;
                }
            }

            // Both new-password fields must match (also when both are empty).
            if (repeatField.value != newField.value) {
                alert("两次输入的密码不一致！");
                repeatField.focus();
                return false;
            }

            // The e-mail address is optional; when present it must match the pattern below.
            var email = form.userEmail.value;
            if (email != "") {
                var pattern = /^([a-zA-Z0-9_-])+@([a-zA-Z0-9_-])+((\.[a-zA-Z0-9_-]{2,3}){1,2})$/;
                if (!pattern.test(email)) {
                    alert("电子邮件格式不符合要求！");
                    return false;
                }
            }
        }

        form.onsubmit = check_addUser;
    }
</script>
<?php
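// Decide from the session's administrator type whether the "administrator type" and "enabled"
// controls are editable. "普通管理员" is the ordinary (limited) administrator type.
// The disabled attribute is only a UI hint; the POST handler below re-checks the session type.
// NOTE(review): every session whose userType is not exactly "普通管理员" — including one where the
// key is missing — is treated as privileged here. Confirm that Get_user_type_check() at the top of
// the page rules that case out, or fail closed on the privileged type instead.
$isLimitedAdmin = ($_SESSION['userType'] == "普通管理员");
$userTypeSelect = $isLimitedAdmin ? "disabled='true'" : "";
$isEnabledSelect = $isLimitedAdmin ? "disabled='true'" : "";

// Load the record being edited so the form can be pre-filled; $row is read by the template below.
// NOTE(review): $userID comes straight from the query string and is interpolated into the SELECT
// and the UPDATE without escaping — this is SQL-injectable. Bind it through whatever
// prepared-statement or escaping facility the $db wrapper offers; its API is not visible on this page.
// NOTE(review): nothing ties $userID to the logged-in administrator, so a limited administrator can
// address any row. Compare it with the session's own id (presumably $uid — confirm) or require the
// privileged type before editing another account.
$userID = (isset($_GET['userID']) && is_string($_GET['userID'])) ? $_GET['userID'] : '';
$sql = "SELECT * FROM admin WHERE userID='$userID'";
$query = $db->query($sql);
$row = $db->fetch_array($query);         // single result row, or a non-array value when nothing matched

// Handle the submitted form and write the changes back.
// NOTE(review): the form carries no anti-CSRF token, so this state-changing POST can be triggered
// cross-site while an administrator is logged in.
if (isset($_POST['editAdmin'])) {
    // Read each expected field as a string; a missing or array-valued field becomes ''.
    $input = array();
    foreach (array('userPassword', 'newPassword', 'RenewPassword', 'userEmail', 'userSex', 'userType', 'userRemark') as $field) {
        $input[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    }

    $failure = null;            // alert text for a rejected request, null while everything is fine
    $assignments = array();     // "column=value" fragments of the UPDATE, in column order

    // A non-empty new password means a password change, which requires the current password.
    // Compared against '' rather than empty() so that the password "0" is not silently ignored.
    $newPasswordPlain = trim($input['newPassword']);
    $changingPassword = ($newPasswordPlain !== '');
    if ($changingPassword) {
        // NOTE(review): unsalted SHA-1 is not a suitable password hash. Moving to
        // password_hash()/password_verify() needs a coordinated change in the login code, which is
        // not on this page, so the stored format is left unchanged here.
        $storedHash = (is_array($row) && isset($row['userPassword'])) ? (string) $row['userPassword'] : '';
        $givenHash = sha1(trim($input['userPassword']));
        // Strict, constant-time comparison where available: a loose == treats two hex digests that
        // look like numbers (e.g. "0e..." followed by digits) as equal.
        $hashesMatch = function_exists('hash_equals')
            ? hash_equals($storedHash, $givenHash)
            : ($storedHash === $givenHash);
        if (!$hashesMatch) {
            $failure = "原始密码不正确！";
        } elseif (trim($input['RenewPassword']) !== $newPasswordPlain) {
            // The browser-side script checks this too, but it can be bypassed; enforce it here.
            $failure = "两次输入的密码不一致！";
        } else {
            // sha1() returns hexadecimal digits only, so this value is safe to embed.
            $assignments[] = "userPassword='" . sha1($newPasswordPlain) . "'";
        }
    }

    // Enumerated fields must be one of the values the form offers.
    if ($failure === null && !in_array($input['userSex'], array('男', '女', '保密'), true)) {
        $failure = "修改失败";
    }
    if ($failure === null && !$isLimitedAdmin
        && !in_array($input['userType'], array('超级管理员', '普通管理员'), true)) {
        $failure = "修改失败";
    }

    if ($failure === null) {
        $userEmail = $input['userEmail'];
        $userSex = $input['userSex'];
        $userRemark = $input['userRemark'];         // free-text remark

        // NOTE(review): $userEmail and $userRemark are still interpolated unescaped, as before, and
        // remain SQL-injectable until they are bound through the $db wrapper (see the note on $userID).
        $assignments[] = "userEmail='$userEmail'";
        $assignments[] = "userSex='$userSex'";
        if ($isLimitedAdmin) {
            // A limited administrator never supplies the type or the enabled flag. As before, a
            // password change also writes the session's own type back to the row.
            if ($changingPassword) {
                $assignments[] = "userType='" . $_SESSION['userType'] . "'";
            }
        } else {
            $userType = $input['userType'];
            $userEnabled = !empty($_POST['userEnabled']) ? 1 : 0;   // checkbox: present and non-empty means enabled
            $assignments[] = "userType='$userType'";
            $assignments[] = "userEnabled=$userEnabled";
        }
        $assignments[] = "userRemark='$userRemark'";

        $sql = "UPDATE admin SET " . implode(',', $assignments) . " WHERE userID='$userID'";
        $query = $db->query($sql);
        if ($query == true) {
            echo "<script>alert('修改成功');window.location.href='listAdmin.php'</script>";
        } else {
            $failure = "修改失败";
        }
    }

    if ($failure !== null) {
        // $failure is always one of the fixed literals above, never request data.
        echo "<script>alert('" . $failure . "');history.go(-1);</script>";
    }
}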
?>
<body>
<div id="right_main">
    <div class="right_content">
        <div class="right_top_menu">
            <h3>
                您当前的位置：后台 > 管理设置 > 编辑管理员
            </h3>
        </div>
        <div class="right_center_content">
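            <?php
            // Edit form, pre-filled from $row (the admin record loaded earlier on this page).
            // Stored values are HTML-escaped before being placed in attribute values: they are
            // editable through this very form, so echoing them raw allows stored script injection.
            // $userTypeSelect / $isEnabledSelect hold fixed server-side attribute strings.
            ?>
            <form id="form1" method="post" action="">
                <table cellpadding="0" cellspacing="0" border="0" width="100%">
                    <tr>
                        <td valign="top" >
                            <div class="txl_search"></div>
                            <table cellpadding="0" cellspacing="0" border="0" width="100%"  class="sy_table">
                                <tr>
                                    <th colspan="2" >编辑管理员</th>
                                </tr>
                                <tr>
                                    <td width="35%" align="right">管理员名称：</td>
                                    <td width="65%"><input type="text" name="userName"  class="int_text1" value="<?php echo htmlspecialchars((string) $row['userName'], ENT_QUOTES, 'UTF-8'); ?>" size="40" disabled="true"/> </td>
                                </tr>
                                <tr>
                                    <td width="35%" align="right">原始密码：</td>
                                    <td width="65%"><input type="password" name="userPassword"  class="int_text1" value="" size="40" /></td>
                                </tr>
                                <tr>
                                    <td width="35%" align="right">新密码：</td>
                                    <td width="65%"><input type="password" name="newPassword"  class="int_text1" value="" size="40" /></td>
                                </tr>
                                <tr>
                                    <td width="35%" align="right">重复新密码：</td>
                                    <td width="65%"><input type="password" name="RenewPassword"  class="int_text1" value="" size="40" /></td>
                                </tr>
                                <tr>
                                    <td width="35%" align="right">管理员邮箱：</td>
                                    <td width="65%"><input type="text" name="userEmail"  class="int_text1" value="<?php echo htmlspecialchars((string) $row['userEmail'], ENT_QUOTES, 'UTF-8'); ?>" size="40" /></td>
                                </tr>
                                <tr>
                                    <td width="35%" align="right">管理员类型：</td>
                                    <td width="65%">
                                        <select name="userType" <?php echo $userTypeSelect ?> >
                                            <option  value="超级管理员" <?php if ($row['userType'] == "超级管理员") { echo "selected='selected'"; } ?>>超级管理员</option>
                                            <option  value="普通管理员" <?php if ($row['userType'] == "普通管理员") { echo "selected='selected'"; } ?>>普通管理员</option>
                                        </select>
                                        &nbsp;&nbsp;* 超级管理员拥有后台管理的全部权限，普通管理员只有部分权限！
                                    </td>
                                </tr>
                                <tr>
                                    <td width="35%" align="right">性别：</td>
                                    <td width="65%">
                                        <select name="userSex">
                                            <option  value="男" <?php if ($row['userSex'] == "男") { echo "selected='selected'"; } ?>>男</option>
                                            <option  value="女" <?php if ($row['userSex'] == "女") { echo "selected='selected'"; } ?>>女</option>
                                            <option value="保密" <?php  if ($row['userSex'] == "保密") {  echo "selected='selected'"; } ?>>保密</option>
                                        </select>
                                    </td>
                                </tr>
                                <tr>
                                    <td width="35%" align="right">是否可用：</td>
                                    <td width="65%"><input type="checkbox" name="userEnabled"  <?php if ($row['userEnabled'] == 1) {  echo "checked='checked'";} ?> class="int_text1" value="6" size="40" <?php echo $isEnabledSelect ?>/></td>
                                </tr>
                                <tr>
                                    <td width="35%" align="right">备注：</td>
                                    <td width="65%"><input type="text" name="userRemark"  class="int_text1" value="<?php echo htmlspecialchars((string) $row['userRemark'], ENT_QUOTES, 'UTF-8'); ?>"  size="40" /></td>
                                </tr>
                                <tr>
                                    <td colspan="2" align="center" height='30'>
                                        <input type="submit" class="btn_ipt01" name="editAdmin" value=" 确定修改 "/>
                                    </td>
                                </tr>
                            </table>
                        </td>
                    </tr>
                </table>
            </form>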
        </div>
    </div>
</div>
</body>
</html>
